Описание
An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain cleartext information.
Ссылки
- Broken LinkPatchVendor Advisory
- http://download.nai.com/products/licensed/pgp/desktop_security/windows/version_7.1/hotfix/ReadMe.txtThird Party Advisory
- Broken LinkPatchVendor Advisory
- Broken Link
- Broken LinkPatchThird Party AdvisoryVDB EntryVendor Advisory
- Broken LinkPatchVendor Advisory
- http://download.nai.com/products/licensed/pgp/desktop_security/windows/version_7.1/hotfix/ReadMe.txtThird Party Advisory
- Broken LinkPatchVendor Advisory
- Broken Link
- Broken LinkPatchThird Party AdvisoryVDB EntryVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:pgp:corporate_desktop:7.1:*:*:*:*:*:*:*
cpe:2.3:a:pgp:freeware:7.0.3:*:*:*:*:*:*:*
cpe:2.3:a:pgp:personal_security:7.0.3:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00154
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-459
Связанные уязвимости
CVSS3: 5.5
github
больше 3 лет назад
An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain cleartext information.
EPSS
Процентиль: 37%
0.00154
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-459